Effective Date May 25, 2018, updated on December 31, 2019
SightCall is a global cloud software company that provides business the ability to see what their customers and technicians see via their smartphone and guide them remotely with AR guidance.
SightCall processes two broad categories of personal information when you use our products and services:
- Your personal information as a customer (or potential customer) of SightCall’s services — information that we refer to as Customer Account Data, and
- The personal information of your end users who use or interact with our applications or your application that you’ve built on SightCall’s platform, like the people you communicate by way of that application — this category contains both your Customer Usage Data (e.g., communications metadata) and your Customer Content (e.g., the contents of communications).
SightCall processes these categories of personal information differently because the direct relationship we have with you, our customer, is different than the indirect relationship we have with your end users.
CONTROLLER AND PROCESSOR
Data protection laws and privacy laws in certain jurisdictions, like the European Economic Area (EEA), differentiate between “controllers” and “processors” of personal information.
- A controller decides why and how to process personal information.
- A processor processes personal information on behalf of a controller based on the controller’s instructions.
When SightCall processes your Customer Account Data, SightCall is acting as a controller. When SightCall processes Customer Content, we generally act as a processor. When we process Customer Usage Data, we act as a processor in many respects, but we may act as a controller in others. For example, we may need to use certain Customer Usage Data for the legitimate interests of billing, reconciling invoices with telecommunications carriers, and in the context of troubleshooting and detecting problems with the Service.
HOW SIGHTCALL PROCESSES YOUR PERSONAL INFORMATION
We use Customer Account Data to further our legitimate interests to:
- understand who our customers and potential customers are and their interests in SightCall’s product and services,
- manage our relationship with you and other customers,
- carry out core business operations such as accounting, filing taxes, and fulfilling regulatory obligations and
- help detect, prevent, or investigate security incidents, fraud and other abuse and/or misuse of our products and services.
What Personal Information SightCall collects
We collect and process your personal information:
- When you visit a SightCall public-facing website like sightcall.com, or make a request to receive information about SightCall or our products,
- When you contact our Sales Team or Customer Support Team; and
- When you sign up for a SightCall account and use our products and services.
We call this personal information Customer Account Data. We also collect Customer Usage Data from you when you send or receive communications through your use of our services. This data might take different forms, and we might use it for different purposes.
Depending on your interactions with us, we might collect the following categories of personal information:
|A. Identifiers||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.||Yes|
B. Personal Information Categories
(as listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
|A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.Some personal information included in this category may overlap with other categories.||Yes|
|C. Protected classification characteristics under California or federal law.||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).||No|
|D. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||Yes|
|E. Biometric information.||Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.||No|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.||Yes|
|G. Geolocation data.||Physical location or movements.||Yes|
|H. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||No|
|I. Professional or employment-related information.||Current or past job history or performance evaluations.||No|
J. Non-public education information
(per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
|Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.||No|
|K. Inferences drawn from other personal information.||Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.||No|
|L. Equipment information.||Information about your internet connection, the equipment you use to access our Website, and usage details.||Yes|
When we’re processing your personal information as our customer, we’re generally processing Customer Account Data or Customer Usage Data. When we do, we’re a controller, as we described above.
In addition, as a processor and a service provider, we process Customer Content that may include personal information from any of those categories, plus others. If you’re an end user of a customer of ours, our customer will be able to help you with more details on what categories they’re collecting and using. If you’re our customer, you can read more about our responsibilities as a service provider in our CCPA Notice.
We may collect information about you, as our customer, from publicly-available sources so we can understand our customer base better. We may use publicly-available information about you through services like LinkedIn, or we may obtain information about your company from third party providers to help us understand our customer base better, such as your industry, the size of your company, and your company’s website URL.
How SightCall collects information about you
Information you provide to Us:
We obtains the categories of Personal Information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete or products and services you use.
- Indirectly from you. For example, from observing your actions on our websites.
- Records and copies of your correspondence (including email addresses), if you contact us.
- Your responses to surveys that we might ask you to complete for research purposes.
Information We Collect Through Automatic Data Collection Technologies:
As you navigate through and interact with our websites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
- Details of your visits to our websites, including traffic data, location data, logs, and other communication data and the resources that you access and use on the websites.
- Information about your computer and internet connection, including your IP address, operating system, and browser type.
The information we collect automatically may include Personal Information or we may maintain it or associate it with Personal Information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service.
The technologies we use for this automatic data collection may include:
How SightCall Use your Personal information
Having accurate information about you permits us to provide you with a smooth, efficient, and customised experience. We may use or disclose the personal information we collect for one or more of the following business purposes:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
- To provide, support, personalize, and develop our Websites, products, and services.
- To create, maintain, customize, and secure your account with us.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Websites, third-party sites, and via email or text message (with your consent, where required by law).
- To help maintain the safety, security, and integrity of our Websites, products and services, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our Websites, products, and services.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of SightCall’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by SightCall about our Website users is among the assets transferred.
We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
HOW SIGHTCALL PROCESSES YOUR END USERS’ PERSONAL INFORMATION
Your end users’ personal information typically shows up on SightCall’s platform in a few different ways:
- Communications-related personal information about your end users, like your end users’ phone numbers for number-based notifications, your end users’ email addresses for email notification, show up in our systems when you use or intend to use this information to contact your end user through use of our products and services.
- Your end users’ personal information may show up in “friendly names,” which are strings you provide, if you choose to include your end users’ personal information as part of a string.
- Your end users’ personal information may also be contained in the content of communications you (or your end users) send or receive using SightCall’s products and services.
We call the information in the first two bullets above Customer Usage Data. The information in the third bullet is what we refer to as Customer Content.
As noted above, data protection law (including privacy law) in certain jurisdictions, like the EEA, differentiate between “controllers” and “processors” of personal information. When SightCall processes Customer Content, we generally act as a processor. When we process Customer Usage Data, we act as a processor in many respects, but we may act as a controller in others. For example, we may need to use certain Customer Usage Data for the legitimate interests of billing, and in the context of troubleshooting and detecting problems with the service.
What Customer Usage Data and Customer Content SightCall Process and Why
We use Customer Usage Data and Customer Content to provide services to you and to carry out necessary functions of our business as a communications service provider. We do not sell your end users’ personal information and we do not share your end users’ information with third parties for those third parties’ own business interests.
The particular end user personal information SightCall processes when you, our customer, use our products and services and the reason SightCall processes depends on how you use our products and services. The complete list of all personal information that are processed when you use SightCall’s product and service is available in the Administration Portal under privacy section (https://admin.sightcall.com/privacy-documentation/data-notice). Details regarding how long your end user personal information are stored on SightCall systems are also described in this section.
You may also have the option to use additional features or tools within SightCall’s products or services that allow you to do things such as analyze the records, including end user personal information, in your SightCall account. In those cases, SightCall will process this information to provide you with the service you request.
In addition, records containing end user personal information may, from time to time, also be used in debugging or troubleshooting or in connection with investigations of security incidents, as well as for the purposes of detecting and preventing spam or fraudulent activity, and detecting and preventing network exploits and abuse. It may also be anonymized, as allowed by law, and we may use data that can no longer identify you or relate to you for our legitimate business needs.
SightCall has designed its platform with several self-service features that our customers can leverage to assist in reviewing the personal data stored on our platform to respond to data requests. They are designed to allow you – as data controller – to retrieve, access or redact data relative to your users.
WHEN AND WHY WE SHARE YOUR PERSONAL INFORMATION OR YOUR END USERS’ PERSONAL INFORMATION
We do not sell or allow your Customer Account Data to be used by third parties for their own marketing purposes, unless you ask us to do this or give us your consent to do this. Further, we do not sell your end users’ personal information. We also do not share it with third parties for their own marketing or other purposes, unless you instruct us to do so. You can read more in our CCPA Notice.
- To our subsidiaries and affiliates.
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of SightCall’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by SightCall about our Website users is among the assets transferred.
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose Personal Information:
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of SightCall, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection.
In the preceding twelve (12) months, SightCall has disclosed the following categories of personal information for our business purposes: (A) Identifiers, (B) Personal Information Categories, (D) Commercial information, and (G) Geolocation data.
Cookies and Web Beacons
You should be aware that getting a new computer, installing a new browser, upgrading an existing browser, or erasing or otherwise altering your browser’s cookies files may also clear certain opt-out cookies, plug-ins, or settings.
SECURITY OF YOUR INFORMATION
We follow generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and once we receive it. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.
POLICY FOR CHILDREN
We do not knowingly solicit information from or market to children under the age of 13. If you become aware of any data we have collected from children under age 13, please contact us using the contact information provided below. We will remove the information from our systems as soon as reasonably practicable.
CONTROLS FOR DO-NOT-TRACK FEATURES
OPTIONS REGARDING YOUR INFORMATION
Emails and Communications
If you no longer wish to receive correspondence, emails, or other communications from us, you may opt-out by:
- Noting your preferences at the time you register your account
- Logging into your account settings and updating your preferences.
- Contacting us using the contact information provided below
If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.
YOUR RIGHTS AND CHOICES
Certain regulations (including the California Consumer Privacy Act of 2018 (CCPA) and EU General Data Protection Regulation of 2018 (GDPR)) provide individuals with specific rights regarding their Personal Information. This section describes your rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that SightCall disclose certain information to you about our collection and use of your Personal Information over the past 12 months. Once we receive and confirm your verifiable consumer request we will disclose to you:
- The categories of Personal Information we collected about you.
- The categories of sources for the Personal Information we collected about you.
- Our business or commercial purpose for collecting that Personal Information.
- The categories of third parties with whom we share that Personal Information.
- The specific pieces of Personal Information we collected about you (also called a data portability request).
You have the right to request that SightCall correct any information you believe is inaccurate. You also have the right to request SightCall to complete the information you believe is incomplete.
Deletion Request Rights
You have the right to request that SightCall delete any of your Personal Information that we collected from you and retained, subject to certain exceptions including regulatory data retention requirements. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, Rectification and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by using the contact information provided below.
Only you may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
We do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account.
We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within one calendar month (1) of its receipt. If we require more time (up to 3 months), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
Other California Privacy Rights
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
If you are under 18 years of age, reside in California, and have a registered account with our websites, you have the right to request removal of unwanted data that you publicly post on SightCall’s websites. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed onSightCall’s websites, but please be aware that the data may not be completely or comprehensively removed from our systems.
330 Townsend Street,
SAN FRANCISCO, CA 94107